keycloak

问题 I've keycloak 4.0.0 installed on two debian stretch machines. Those are configured in standalone clustered mode. Both share a mysql cluster database instance and a load balancer is doing HA. I've a code which needs to validate tokens against introspection endpoint put it's not working half of the time. This is actually because load balancer is doing its job and consequently easy to reproduce: ask a token on /auth/realms//protocol/openid-connect/token on server 1 call introspection endpoint

问题 This question is the beggining of the story if you want to understand it deeper. I'm trying to use this class in app.module: import { Injectable } from '@angular/core'; import { KeycloakService } from 'keycloak-angular'; import { environment } from '../../../environments/environment'; @Injectable({ providedIn: 'root' }) export class MockKeycloakService { init(ign: any) { console.log('[KEYCLOAK] Mocked Keycloak call'); return Promise.resolve(true); } getKeycloakInstance() { return {

问题 I need your help for a special usecase, I searched on the internet but didn't found anything that would mach my case. I'm new to keycloak so it may be something easy to do but I failed to resolve it : I have two apps with spring boot security which are connected to the same keycloack. Front-end of both was generated by JHIPSTER. Let's call them app1 and app2. 1st case : I'm connected to app1 and app2 from the same browser, it works well, I can request app1 from app2. 2nd case : I'm connected

问题 I need your help for a special usecase, I searched on the internet but didn't found anything that would mach my case. I'm new to keycloak so it may be something easy to do but I failed to resolve it : I have two apps with spring boot security which are connected to the same keycloack. Front-end of both was generated by JHIPSTER. Let's call them app1 and app2. 1st case : I'm connected to app1 and app2 from the same browser, it works well, I can request app1 from app2. 2nd case : I'm connected

问题 I'm kind of desesperate to make this keycloak work. I can authenticate but for some reason, my token introspection always fail. For example if I try to authenticate: curl -d 'client_id=flask_api' -d 'client_secret=98594477-af85-48d8-9d95-f3aa954e5492' -d 'username=jean@gmail.com' -d 'password=superpassE0' -d 'grant_type=password' 'http://keycloak.dev.local:9000/auth/realms/skilltrock/protocol/openid-connect/token' I get my access_token as expected: { "access_token":

问题 I have installed keycloack server 4.3.4. How to activate the REST API of keycloak (Add a user, enabled user, disabled a user ...) ? Regards 回答1: First step to do that is create an admin account (which you would have been prompted to do as soon as you would have opened {keycloak-url}/auth ). Next steps depend on how you want to create config. Through Admin console GUI or through Rest API. Steps to do this through Admin Rest API. First , you will have to get a token from {keycloak-url}/auth

问题 I have installed keycloack server 4.3.4. How to activate the REST API of keycloak (Add a user, enabled user, disabled a user ...) ? Regards 回答1: First step to do that is create an admin account (which you would have been prompted to do as soon as you would have opened {keycloak-url}/auth ). Next steps depend on how you want to create config. Through Admin console GUI or through Rest API. Steps to do this through Admin Rest API. First , you will have to get a token from {keycloak-url}/auth

问题 Like in the title: How to disable the requirement of https on Keycloak? Using only the terminal, as I can't log in to the administrator panel, because... there's no https. 回答1: You could change "Require SSL" in Realm settings, Login tab. The options are external requests Keycloak can run out of the box without SSL so long as you stick to private IP addresses like localhost, 127.0.0.1, 10.0.x.x, 192.168.x.x, and 172..16.x.x. If you don’t have SSL/HTTPS configured on the server or you try to

问题 Sample project available on Github I have successfully configured two Spring Boot 2 application2 as client/resource servers against Keycloak and SSO between them is fine. Besides, I am testing authenticated REST calls to one another, propagating the access token as an Authorization: Bearer ACCESS_TOKEN header. After starting Keycloak and the applications I access either http://localhost:8181/resource-server1 or http://localhost:8282/resource-server-2 and authenticate in the Keycloak login

问题 I'm using keycloak 3.4 and spring boot to develop a web app. I'm using the Active Directory as User Federeation to retrieve all users information. But to use those information inside my web app I think I have to save them inside the "local-webapp" database. So after the users are logged, how can I save them inside my database? I'm thinking about a scenario like: "I have an object A which it refers to the user B, so I have to put a relation between them. So I add a foreign key." In that case I